Siemens ID Mouse Review - PAGE 1

The average home user really isn't too concerned with security, which is why a regular computer running a Windows9X install is pretty much a meat market for anyone who wants to snoop around your system. Microsoft never really did tighten up the security in Windows, and even if you set a password, it is oh-so easy to hit the ESC key at the logon screen and voila, in you go.

But the problem of securing a computer goes beyond even the poor protection offered by Windows9X. The problem lies in the fact that the identification scheme is based on something anyone can provide: a password. Even if you had secured the password screen (some freeware programs exist to do this) on Win9X, or even if you run Win2K, people are going to be hacking into your system through your password. I've had my email account password on Hotmail hacked once; it's not funny. Well, that's why biometrics is becoming such a hot item for security. Sure, anyone who knows your password can get right into your system (provided he has access to the system in the first place), but it's a lot harder to fake a retina or fingerprint scan.

Vertical views of the ID Mouse

Fingerprint scan devices and retina scan devices introduce a protection scheme based on keys that, in theory, only you can possess. Barring some pretty extreme measures, nobody should be able to fake your identity if your system is protected by a biometric system.

General Information

The Siemens ID Mouse is one of the first devices to integrate the FingerTIP sensor technology to provide biometric security for any Windows-based system (drivers and extensive PDF documentation are included for Win98, Win NT, and Win2K). Identification is based on the biometric characteristics of your fingerprint, called minutiae, which act as a unique identifier for each person. The sensor actually uses 65000 sensor electrodes to measure the distance between your skin and the surface of the reader. In less than 100ms the 224x288-pixel scanner can generate a digitized image of your print, and then software will analyze and compare the minutiae of the scan against the minutiae of the original authenticating print. Sounds pretty James Bond-ish, doesn't it?

For those who are extremely paranoid, your fingerprint data is NOT stored in its entirety. Instead, only characteristic features are stored as reference data, and the original fingerprint cannot be reconstructed from this data. The FingerTIP sensor is compact, fast, and low on power consumption, so I wouldn't be surprised to see it integrated in other products like laptops and even PDAs.

Using the ID mouse in general

Once the mouse is installed, the standard logon screen is replaced with the ID Mouse identification screen, which means that the installation is tightly integrated with the system (no more hitting ESC to bypass the login in Win98).

A fairly robust application is included which lets you manage users; basically, through this software, you can set any or all of a user's 10 fingers as the identifying prints. You can also set the security level of the scans to either high, medium, or low. This security setting affects how much detail is analyzed in order to determine a proper fingerprint match. Think of it as a specificity threshold: at high security, the software looks for more matching characteristics, so you can be more certain that the user is who he or she claims to be. But at this level, there is also a higher chance of rejecting legitimate users due to variances like placement of the finger, angle of the scan and other factors. On the flip side, the lower security setting reduces false rejections, but it also means that someone who has similar biometric characteristics to yours can actually spoof the software.
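To make the false-rejection versus false-acceptance trade-off concrete, here is an added toy minutiae matcher (this is not Siemens' code; the ID Mouse's real matching algorithm, tolerances and per-level thresholds are not given in the review, so the values below are assumed for illustration). Each minutia is an (x, y, angle) triple, and the three security levels are modelled as minimum match counts.

```python
import math

# Minimum number of matching minutiae required to accept a scan at each
# security level. These numbers are assumed for illustration; the review
# does not state the ID Mouse's real thresholds.
SECURITY_LEVELS = {"high": 8, "medium": 6, "low": 4}


def matching_minutiae(template, probe, dist_tol=6.0, angle_tol=20.0):
    """Count template minutiae (x, y, angle_deg) that have a probe minutia
    within dist_tol pixels and angle_tol degrees. A probe point is claimed
    at most once, so duplicates cannot inflate the score."""
    unused = list(probe)
    matches = 0
    for tx, ty, ta in template:
        for i, (px, py, pa) in enumerate(unused):
            dist = math.hypot(tx - px, ty - py)
            dang = abs((ta - pa + 180) % 360 - 180)  # wrap-around safe
            if dist <= dist_tol and dang <= angle_tol:
                matches += 1
                del unused[i]
                break
    return matches


def verify(template, probe, level):
    """Accept or reject a probe scan at the given security level."""
    return matching_minutiae(template, probe) >= SECURITY_LEVELS[level]


# Constructed enrolment template: only minutiae, never the raw image.
ENROLLED = [(40, 60, 30), (80, 70, 45), (120, 90, 90), (60, 130, 135),
            (100, 150, 180), (140, 170, 210), (50, 200, 240),
            (90, 220, 270), (130, 240, 300), (170, 260, 330)]
# Same finger re-scanned slightly shifted and rotated, with three
# minutiae missed because the finger sat off-centre on the sensor.
GENUINE = [(43, 63, 38), (83, 73, 52), (123, 93, 96), (63, 133, 142),
           (103, 153, 188), (143, 173, 218), (53, 203, 248)]
# A different (constructed) finger on which five minutiae happen to line up.
IMPOSTOR = [(41, 59, 25), (79, 72, 50), (121, 88, 85), (61, 131, 140),
            (99, 148, 175), (20, 20, 10), (200, 50, 100), (150, 100, 300),
            (30, 250, 60), (180, 180, 20)]

if __name__ == "__main__":
    for name, probe in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        score = matching_minutiae(ENROLLED, probe)
        verdicts = {lv: verify(ENROLLED, probe, lv) for lv in SECURITY_LEVELS}
        print(f"{name}: {score} matching minutiae -> {verdicts}")
```

The genuine re-scan is rejected at "high" but accepted at "medium" and "low", while the impostor is accepted only at "low": the same threshold that cuts false rejections opens the door to false acceptances.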

The user manager also allows you to set timeouts for scans and to allow passwords to override the fingerprints. Personally, I find the latter option sort of foolish: if you are planning on securing your system against password intrusion, why allow any password override at all?

When we tested the mouse, it worked pretty much as advertised. We set up several users, scanned in their fingerprints for identification, and proceeded to test the whole setup. Identification, including the scan and the actual authentication, takes around 2 seconds on a Celeron 566 system, which is a lot slower than we would have liked.

Safe mode itself is disabled in Win98 (in fact, the whole F8 breakpoint is gone), so that when the system reboots it still kicks into regular Windows. To boot into safe mode you would need a boot disk of some sort (or re-enable the F8 menu at boot time), and the manual recommends you disable the A: drive as a boot device with a password-locked BIOS.

The same applies to an MS-DOS prompt. If you can access the filesystem, you can disable the mouse, which is why F8 is disabled altogether, and why the A: drive must be locked out as a boot device.

In your article you mention that having a password still negates any usefulness biometric devices can offer. I agree but how else would you log in to a system if the device in question fails, especially NT or Windows 2000 after the OS is secured? What happens if you lose the finger needed to authenticate to the system? The password is still in place as a failsafe system. However, I do concur that eventually something needs to be changed so the option to enter a password is negated.

What happens if you lose the finger needed to authenticate to the system? The password is still in place as a failsafe system.

That's a very good question Dimitri. In Win98 there is a procedure in the manual to help you restore the system if the hardware fails or if, for example, you lose your fingerprints in an accident (acid burns, fires, cuts, hand in a cast, or whatever).

In Windows NT, a BETTER method would be for admin to have control over whether or not regular passwords are allowed, and that should be enabled on a per user basis (complicated, but more secure). Right now, ALL the users can either authenticate via the fingerprint, or via password. All it takes is a single user to have an easy password and the system could potentially be partially compromised. The best solution IMO is to disable any passwords at all, except for a master password, which the admin can set as reasonably difficult to hack as possible.

Also, remember that the ID mouse software allows you to use up to all 10 of your fingers for identification (it will recognize up to 10 fingers set into your authentication profile), so there is always a chance you have SOMETHING to get in the system. There's not much point in trying to get in the system using your password if you've lost all your fingers.

Thanks for the reply. What I was getting at is that there is still the option for a password. Even though, per your example, it is restricted to admins only, someone can still walk up and try to login locally with a password.

The ideal biometric login system would only let you authenticate via your personal minutiae. This would improve help desk calls (no more resetting passwords), decrease unauthorized security accesses (users are always writing down their passwords on monitors) and enhance auditing since no one else can log in as you.

I guess my whole point about the single admin password was to illustrate a simple way to increase security while still having a fallback in case the device fails, or in case the system is somehow locked out in another way.

How can identification solely through personal minutiae be ideal if, say for example, the comparison db is corrupted or if the ID scanner is scratched? Then nobody could authenticate at all without a workaround.

I can't agree more that passwords are a security risk, but my strong feeling is that biometric security can only be a truly viable replacement if there is some form of alternative for access in case the primary biometric system fails (maybe another biometric device, like a retina scan, or the use of SmartCard+password or something like that).

All in all, a very interesting future for biometrics, but right now I think devices like the ID mouse do not live up to the whole biometrics == added security idea.

Passwords are NOT a security risk if implemented properly. But getting users to use proper passwords (2 words separated by a random punctuation symbol, for example) is almost impossible. They invariably write them down someplace near the computer, negating any value, or worse, forget them and use IS resources for a reset.

This device may prevent that problem. Only the Sysadmin needs to know the admin password, the users can all use their finger.

No authentication device can make an insecure OS like W98 secure. Use with a secure encrypted file system (PGPDisk, for example) would be a step in the right direction.